lucas/dotfiles
1
0
Fork 0
Code Activity

fix(nix): add forgejo actions runner

Browse source
This commit is contained in:
Lucas Sta Maria 2025-08-15 15:07:10 +00:00
parent 809c6d73b8
commit acc139d714
No known key found for this signature in database
GPG key ID: F07FB16A826E3B47
5 changed files with 45 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
nix/hosts/chaewon/home.nix
View file

@ -13,6 +13,7 @@
tailscale tailscale
nginx nginx
docker
]; ];
in packages; in packages;
} }

21
nix/hosts/chaewon/sys.nix
View file

@ -1,5 +1,5 @@
{ inputs, config, pkgs, lib, ... }: { { inputs, config, pkgs, lib, ... }: {
imports = [ ./hw.nix ]; imports = [ ./hw.nix ../../modules/secrets.nix ];
time.timeZone = "America/New_York"; time.timeZone = "America/New_York";
@ -156,6 +156,25 @@
}; };
}; };
virtualisation.docker.enable = true;
services.gitea-actions-runner = {
package = pkgs.forgejo-actions-runner;
instances.default = {
enable = true;
name = "monolith";
url = "https://git.priime.dev";
tokenFile = config.age.secrets.forgejo-runner-token.path;
# Default labels
labels = [
"ubuntu-latest:docker://node:16-bullseye"
"ubuntu-22.04:docker://node:16-bullseye"
"ubuntu-20.04:docker://node:16-bullseye"
"ubuntu-18.04:docker://node:16-buster"
];
};
};
services.tailscale.enable = true; services.tailscale.enable = true;
services.thelounge.enable = true; services.thelounge.enable = true;

6
nix/modules/secrets.nix Normal file
View file

@ -0,0 +1,6 @@
{ config, ... }:
{
age.secrets = {
forgejo-runner-token.file = ../../secrets/forgejo-runner-token.age;
};
}

11
secrets/forgejo-runner-token.age Normal file
View file

@ -0,0 +1,11 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IEIrN21jdyBtaVpU
dzJYS0VRTGh5R2kzQWtZSHYwWTdVNWJMLzFMSG9SZnNmeHRxWGprCnRyb2JLMlVt
d0xTRnFSKzlpNXROYjRiTGlMeWNEM041aHYrVllPS2dWL2MKLT4gc3NoLWVkMjU1
MTkgN045S1hnIG9HSlJ5bGlIQVRQK2t5TVBrSXJ1OTdBRjg4bll1ZHRad2RtMVMr
ZDBoWGMKZGExMUhVWEdQYkpoYXgvazAwcC9CSDkxYkREdmF5WGR1RDJUdEJTb2Jt
OAotPiBQPkdRLGJsLWdyZWFzZQpyWDdGQnRyb2hmelUzZTE4TWlRZEpHYktBQUJ0
MHJNCi0tLSBSaEF2NXRaOFpYZlpLNk1Jd1BRVGVRYjJVTkZBd0V1YjJFMjN5V0Ra
dW9ZCvZH5Mz7x4CfsVjVBYm/Lh0f1O6y9FiA5aONR7a6LA4lNMWwwjNXhFLMASG6
tBIipz5c6+5WHx/Vlw7SENZ3szFotWYsofyCF8mEJ1E1NA==
-----END AGE ENCRYPTED FILE-----

7
secrets/secrets.nix Normal file
View file

@ -0,0 +1,7 @@
let
main = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBGpnPYxrYnmtFaf591Q80FQPb01dqTwlH58V6uRa7Fi";
chaewon = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN3rS/k+1jaTtly0/SHvYZ8yy2LJqNk/5HN0wdGRpoqa";
in
{
"forgejo-runner-token.age".publicKeys = [ main chaewon ];
}